Worker DTLS files best practices?

xplatsolutions · May 31, 2020, 7:04pm

Any best practices in generating DTLS certificate and the private key files for worker?

const worker = await mediasoup.createWorker(
  {
    logLevel            : "warn",
    dtlsCertificateFile : "/home/foo/dtls-cert.pem",
    dtlsPrivateKeyFile  : "/home/foo/dtls-key.pem"
  });

Not the greatest with this context, I’d appreciate even specific to mediasoup server guidelines.

ibc · May 31, 2020, 7:39pm

I see no reason to provide DTLS certificate over letting mediasoup generate a random one.

xplatsolutions · May 31, 2020, 7:41pm

Nice! I removed the parameters and server started.
What about production? I assume I set to the certificate generated for the server.

EDIT: I might be confusing the DTLS certificate with the web server certificate and the above statement might be irrelevant.

nazar-pc · June 1, 2020, 2:16am

You may want to use that to make mutual peer authentication, but you need to have control over certificates on both ends and there is no such API in the browser. Browsers and most other software (with some obscure exceptions) generate those automatically.
So unless you really know that you need it, just don’t bother and let server generate it for you automatically.

xplatsolutions · June 1, 2020, 3:02am

I’ll go with it, totally fine and thanks for the explanation

Topic		Replies	Views
Is there a way to run the server without SSL certificates ? mediasoup-demo	1	371	December 21, 2022
worker is not creating mediasoup libraries	10	96	August 13, 2024
Any idea on how to create or obtain certificate files mediasoup-demo	3	2613	December 2, 2019
DTLS handshake failed with custom Certificate when server has non standard MTU mediasoup libraries	12	2414	September 4, 2020
server x DTLS handshake failed (mediasoup-client-aiortc) mediasoup libraries	1	746	January 28, 2021

Worker DTLS files best practices?

Related topics